yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1504 from emqtt/develop 

Feature - Using SSL for Erlang Distribution
This commit is contained in:
Feng Lee 2018-02-18 13:07:10 +08:00 committed by GitHub
parent d3f7df7c45 98d63a1454
commit 37bc6f54ea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 29 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
etc/emq.conf
View File

@ -236,10 +236,18 @@ node.crash_dump = {{ platform_log_dir }}/crash.dump
## Value: Enum
## - inet_tcp: the default; handles TCP streams with IPv4 addressing.
## - inet6_tcp: handles TCP with IPv6 addressing.
## - inet_tls: using TLS for Erlang Distribution.
##
## vm.args: -proto_dist inet_tcp
node.proto_dist = inet_tcp
## Specify SSL Options in the file if using SSL for Erlang Distribution.
##
## Value: File
##
## vm.args: -ssl_dist_optfile <File>
## node.ssl_dist_optfile = {{ platform_etc_dir }}/ssl_dist.conf
## Sets the net_kernel tick time. TickTime is specified in seconds.
## Notice that all communicating nodes are to have the same TickTime
## value specified.

11
etc/ssl_dist.conf Normal file
View File

@ -0,0 +1,11 @@
%% The options in the {server, Opts} tuple are used when calling ssl:ssl_accept/3,
%% and the options in the {client, Opts} tuple are used when calling ssl:connect/4.
%%
%% More information at: http://erlang.org/doc/apps/ssl/ssl_distribution.html
[{server,
[{certfile, "{{ platform_etc_dir }}/certs/cert.pem"},
{keyfile, "{{ platform_etc_dir }}/certs/key.pem"},
{secure_renegotiate, true},
{depth, 0}]},
{client,
[{secure_renegotiate, true}]}].

10
priv/emq.schema
View File

@ -170,7 +170,15 @@ end}.
%% @doc The erlang distributed protocol
{mapping, "node.proto_dist", "vm_args.-proto_dist", [
%%{default, "inet_tcp"}
{default, "inet_tcp"},
{datatype, {enum, [inet_tcp, inet6_tcp, inet_tls]}},
hidden
]}.
%% @doc Specify SSL Options in the file if using SSL for erlang distribution
{mapping, "node.ssl_dist_optfile", "vm_args.-ssl_dist_optfile", [
{datatype, string},
hidden
]}.
%% @doc Secret cookie for distributed erlang node

2
src/emqttd.app.src
View File

@ -1,6 +1,6 @@
{application,emqttd,
[{description,"Erlang MQTT Broker"},
{vsn,"2.3.4"},
{vsn,"2.3.5"},
{modules,[]},
{registered,[emqttd_sup]},
{applications,[kernel,stdlib,gproc,lager,esockd,mochiweb,